Personal Cybersecurity #36: Daily news

What you need to know for your personal cyber security life… 

Number thirty-six in a series of semi-regular daily current and topical computer threats that may affect your online, or even offline, digital and real life. Why cyber-security on SurvivalRing? Because EVERYTHING you do in your life everyday is a part of the cyber world…even your offline plans. So, be aware, and pay attention. The bad guys WILL eventually get around to YOU…personally…so be prepared for it, by staying in the informational loop. 

And, just so you know, I’ve got 31 years of IT experience, and my day job is for the State of Wyoming as an Information Specialist. I believe an informed prepper is a BETTER prepper. Information is the life blood of being prepared. Learn more with every article in this continuing series. Please ask questions if you want to learn more…I’m here to help.

# # #

HEADLINES…for this issue…14 articles

  • Malware infections tripled in late 2013, Microsoft finds
  • Web cesspit 4chan touts ‘$20 bug bounty’ after hackers ruin Moot’s day
  • Why Threat Intelligence Is Like Teenage Sex
  • Report: Texas police arrest man linked to Target data breach
  • Orange confirms details of 1.3 million customers were stolen
  • In his words: How a whitehat hacked a university and became an FBI target
  • Colombian authorities arrest purported hacker for allegedly trying to sabotage peace talks
  • FireEye buying nPulse for $70M to gain security analytics ‘flight recorder’
  • Hackers cause per capita loss of US$224 in China in 2013
  • Don’t let hackers know Mandiant founder checks his email on an iPad. Oh
  • Canada woes, breach seen as cause for Target CEO’s exit
  • Navy Systems Administrator Arrested on Hacking Charges
  • We’re Saved! Experts Show How to Fix U.S. Cybersecurity
  • I-Team: ‘Heartbleed’ a confusing security threat

# # #

Malware infections tripled in late 2013, Microsoft finds

  • By Jeremy Kirk
  • IDG News Service
  • May 7, 2014

A three-fold increase in Microsoft Windows computers infected with malicious software in late 2013 came from an application that was for some time classified as harmless by security companies.

The finding comes as part of Microsoft’s latest biannual Security Intelligence Report (SIR), released on Wednesday, which studies security issues encountered by more than 800 million computers using its security tools.

In the third quarter of 2013, an average of 5.8 Windows computers out of every 1,000 were infected with malware, said Tim Rains, director of Microsoft’s Trustworthy Computing division, which tracks security trends targeting the company’s widely used products. That jumped to about 17 computers per 1,000 for the last quarter of the year.

Rains attributed the rise to malware called “Rotbrow.” The program masquerades as a browser add-on called “Browser Protector” and is supposedly a security product, Rains said by phone Wednesday. Rotbrow was found on about 59 of every 1,000 computers using its security products, he said.


# # #

Web cesspit 4chan touts ‘$20 bug bounty’ after hackers ruin Moot’s day

  • By Darren Pauli
  • The Register
  • 7 May 2014

Internet armpit 4chan now has a bug bounty – although with just $20 in “self-serve ad spend” on the website or an annual membership up for grabs, it’s not particularly bountiful.

The bounty programme was launched after the image-board website and a drawing website, both founded by Chris “moot” Poole, were compromised by miscreants.

The bounty [details here] may help to deter future attacks by encouraging hackers to quietly report vulnerabilities so they could be fixed.

But 4chan’s effort could be hindered as the cashless reward stands as one of the stingiest on the internet, with researchers rewarded the princely sum of 20 bucks in “self-serve ad spend” or a free annual 4chan membership (worth $20) for each bug disclosure, plus recognition in the presently empty hall of fame.

Poole blogged about how he had awoken last week to a series of missed phone calls from pals who told him he’d “been hacked twice in one day”.


# # #

Why Threat Intelligence Is Like Teenage Sex

  • By Nick Selby
  • Commentary
  • Dark Reading
  • 5/7/2014

Whatever the official theme of the 2014 RSA Conference was, any one attendee will tell you the unofficial theme — the message on every banner in the place, it seemed — was “Threat Intelligence.” But threat intelligence, as it was put to me by Eric Olson of Cyveillance, is a lot like teenage sex: Everyone is talking about it, everyone thinks everyone else is doing it, and most of the few people who are actually doing it aren’t doing it all that well.

There are lots of fashionable things to say about intelligence, and everyone gets all… cool when they discuss it, as if they have some dark, national secret that you don’t have. Balderdash!

Let’s cut through the mystery in two important ways:


 # # #

Report: Texas police arrest man linked to Target data breach

  • By Reuters
  • May 7, 2014

SAN FRANCISCO (Reuters) – Texas police have arrested a man named Guo Xing Chen they say is linked to the devastating data breach at No. 3 U.S. retail chain Target Corp last year, USA Today cited a state criminal complaint as saying on Wednesday.

“It is also believed Chen is involved in a large-scale credit breach believed to be in excess of $70 million according to investigators from the Target Corporation,” the newspaper cited an arrest affidavit as saying.

The cyber-attack on Target was the second-largest cybersecurity breach at a U.S. retailer. It dented the company’s profits, shook consumer confidence, prompted congressional hearings and helped lead to the removal of Chairman and Chief Executive Gregg Steinhafel this week.


 # # #

Orange confirms details of 1.3 million customers were stolen

Orange has warned people to be on their guard against phishing attacks after the personal details of 1.3 million of its customers were stolen by the hackers.

The French telecommunications group has confirmed the breach resulted in the victims’ names, telephone numbers, birth dates and email addresses being compromised. The attack took place last month and was originally detected on 18 April, it added.

However, Orange has stressed that no credit card information or payment details were lifted during the breach.

Hackers are believed to have gained access to the platform Orange uses to distribute promotional emails and text messages to customers in France to carry out the data theft.

As a result, the company has notified those affected, warning them to be on their guard against follow-up, phishing emails that might attempt to extort further sensitive information from them.


 # # #

In his words: How a whitehat hacked a university and became an FBI target

  • By Sean Gallagher
  • Ars Technica
  • May 6, 2014

David Helkowski stood waiting outside a restaurant in Towson, Maryland, fresh from a visit to the unemployment office. Recently let go from his computer consulting job after engaging in some “freelance hacking” of a client’s network, Helkowski was still insistent on one point: his hack, designed to draw attention to security flaws, had been a noble act.

The FBI had a slightly different take on what happened, raiding Helkowski’s home and seizing his gear. Helkowski described the event on reddit in a thread he titled, “IamA Hacker who was Raided by the FBI and Secret Service AMAA!” Recently Ars sat down with him, hoping to get a better understanding of how this whitehat entered a world of gray. Helkowski was willing to tell practically everything—even in the middle of an ongoing investigation.

Until recently, Helkowski worked for The Canton Group, a Baltimore-based computer consulting firm serving, among other clients, the University of Maryland. Helkowski’s job title at The Canton Group was “team lead of open source solutions,” but he began to shift his concerns toward security after identifying problems on a University of Maryland server.

That transformation from developer to hacker came to a head when Helkowski decided that the vulnerabilities had gone unfixed for too long. He set out to prove a point about computer security both to the University of Maryland and to his employers. In early March 2014, working from a computer in his Parkville, Maryland home, Helkowski said that he exploited a misconfigured Web server and some poor database security in order to duplicate the results of a recent data breach that exposed the Social Security numbers and personal information for more than 300,000 current and former University of Maryland students and staff.


 # # #

Colombian authorities arrest purported hacker for allegedly trying to sabotage peace talks

  • MAY 6, 2014

BOGOTA – Authorities arrested a suspected hacker for trying to obtain information to sabotage government peace talks with Colombia’s biggest rebel movement, the chief prosecutor’s office said Tuesday.

The announcement described Andres Sepulveda as the leader of a spying ring that operated out of an office raided over the past two days in a tony Bogota neighbourhood.

The case has political overtones, coming less than three weeks before Colombia’s presidential election.

Investigators said they had reason to believe that President Juan Manuel Santos’ email might have been intercepted, but they provided no details.


 # # #

FireEye buying nPulse for $70M to gain security analytics ‘flight recorder’

  • By Ellen Messmer
  • Network World
  • May 06, 2014

Threat protection company FireEye Tuesday announced it’s acquiring nPulse Technologies, a privately-held maker of high-speed packet-capture, network analysis and forensics gear, for $70 million in a cash-stock deal expected to close during the second quarter.

Charlottesville, Va.-based nPulse makes a line of data storage and network forensics products, including Cyclone nSpector, Capture Probe and Security Probe, and has about 60 customers, including the U.S. government (where some of its equipment is used to support the EINSTEIN 3 network-monitoring program run by the Department of Homeland Security). Chairman and CEO Dave DeWalt says acquiring nPulse will give FireEye a platform that represents a kind of “flight recorder” for security analytics.

“The new reality of security is that every organization has some piece of malware code within their network,” DeWalt says. “The important question is has that code been able to execute any compromising activity that puts organizations at risk, and if so, what data left the network?” He suggested with the addition of the nPulse gear, FireEye will be able to incorporate real-time breach information into a single platform to provide in-depth attack information in order to remediate the situation before “a compromise turns catastrophic.” nPulse has about 30 employees and is headed by CEO Tim Sullivan, an ex-Marine who earlier in his career started up Fidelis Security Systems. Sullivan is expected to stick around and be vice president of FireEye’s enterprise forensics group.


 # # #

Hackers cause per capita loss of US$224 in China in 2013

  • By Staff Reporter
  • 2014-05-06

In 2013, 552 million people around the world lost their personal information to hackers. In China alone, 164 million people were affected by internet crime, with combined losses reaching US$37 billion or a per capita loss of US$224, the Guangzhou-based Dayoo reports, citing Symantec Corporation.

In 2001, a hacker war between China and the United States rocked the world. Since then, the internet has quickly spread to the whole of China with amazing speed, and the battlefield is wide and plentiful for the relentless assault of black and white hat hackers.

With the rising popularity of smartphones, there are now 12 million malicious links ready at any time to threaten personal information and financial security. From the viewpoint of quite a few top hackers, payment accounts which look safe can be changed at any time, money in savings accounts can be directly transferred to a hacker’s account, and hackers can directly give orders without paying money. More than 60% of network platforms have safety faults and if a user fails to adopt any protection measures, being attacked is just a matter of time. The problem is that most people are not aware of the battle din ringing in their phones, their PCs and their networks.

In a computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. They may be motivated by profit, protest or simple love of a challenge, and may be lone wolves or part of a worldwide underground network.

PW, the owner of a software development firm in Guangzhou, has another unknown job as a senior hacker. A computer expert, PW sees himself a non-typical hacker who loves the sport for its own sake. He said about 80% of websites have various faults and successfully carrying out attacks on these websites is just a matter of time.


 # # #

Don’t let hackers know Mandiant founder checks his email on an iPad. Oh

  • By John Leyden
  • The Register
  • 6 May 2014

Infosec 2014 Mandiant boss Kevin Mandia says he has cut back on email and only uses an iPad to check his inbox as he fends off counterattacks from hackers.

In 2013, the company published a landmark report on the so-called APT1 espionage crew: the detailed dossier claimed Shanghai-based People’s Liberation Army Unit 61398 had hacked and injected malware into 141 organisations globally over seven years, and swiped terabytes of corporate secrets as a result.

Months later it emerged hackers had lifted personal information from CorporateCarOnline, a limousine-booking firm used by Mandia as well as basketball star LeBron James, Donald Trump and many other famous figures.

Data grabbed from the limo biz included names and addresses and credit numbers in a plain-text archive, plus travel records and instructions to drivers. The records were found on the same servers used by hackers to store information stolen from PR Newswire as well as source code taken from Adobe, investigative journalist Brian Krebs reported in November 2013.


 # # #

Canada woes, breach seen as cause for Target CEO’s exit

  • By Jaikumar Vijayan
  • Computerworld
  • May 5, 2014

Target CEO Gregg Steinhafel’s resignation Monday as president, CEO and chairman of the Board of the company likely isn’t a sign that boards of directors are now holding chief executives accountable for massive data breaches.

While some observers quickly linked Steinhafel’s exit with the breach, his departure likely has more to do with Target’s botched expansion in Canada, analysts said.

“The breach may have been the straw that broke the camel’s back,” said Avivah Litan, an analyst with Gartner. “But I can’t imagine him taking the fall just because of the breach. The board probably wanted him to leave because of poor financial performance” in Canada, she said.

Target on Monday announced that Steinhafel stepped down as CEO, effective immediately. In a statement, the company said CFO John Mulligan was named interim president and CEO. Board member Roxanne Austin was named interim non-executive chair of the board, the statement said.


 # # #

Navy Systems Administrator Arrested on Hacking Charges

  • By Andrew Grossman
  • The Wall Street Journal
  • May 5, 2014

WASHINGTON — A Navy systems administrator assigned to the nuclear reactor department of an aircraft carrier was also the leader of an antigovernment hacking group, prosecutors alleged Monday.

Prosecutors say 27-year-old Nicholas Knight, an alleged hacker since age 16, led Team Digi7al, a group that broke into networks belonging to more than 30 governments, companies and individuals throughout 2012 and stole personal information about employees and customers.

The group, motivated by a mix of antigovernment politics, boredom and desire to prove itself to the hacking community, then posted some of the information online, according to the charging document filed in federal court in Tulsa, Okla., Monday.

Mr. Knight’s arrest is a reminder of the dilemma the government faces as it seeks to recruit young adults with hacker-grade computer chops. Often times, they are indeed hackers. Some aren’t yet ready to give up the darker side of technology or, in the case of Edward Snowden, the former National Security Agency contractor, they hold beliefs that may clash with the Pentagon.


 # # #

We’re Saved! Experts Show How to Fix U.S. Cybersecurity

  • By Patrick Tucker
  • Defense One
  • May 4, 2014

The date is April 4, 2015. A major cyberattack hits two generators in Florida, knocking out power in the cities of Coral Springs and St. Augustine, leading to multiple deaths and millions of dollars lost. One month later, Congress has to get a bill to the president to fix the vulnerability. But political gridlock, media histrionics and aggressive lobbying from industry make passage of a bill far from certain. With this as their background, 350 members of the Truman National Security Project ran a massive simulation on Saturday to see if the United States was capable of passing legislation to fix the nation’s cyber vulnerabilities in the aftermath of a national crisis.

In a few rooms at the Washington Plaza hotel, the simulation played out dramatically over the course of four hours. The feel was Washington, D.C., at hyper-speed. Five minutes into the experiment, a poll revealed the president’s approval rating falling to 35 percent, with the public trusting Republicans more than Democrats to handle cybersecurity. Rumors about the origin of the attack moved in whispers. Within ten minutes, business interests sought full liability protection for American utility companies and software providers. Players’ phones buzzed with push notifications from dueling press releases, news reports and polls, adding a realistic urgency to the action.

The exercise represented something of a first in size and scope for legislative simulations, with players drawn from Hill staff, the cybersecurity field, and the military. In theory, it showed that Congress and the White House are capable of passing a cybersecurity bill with mandatory standards for industry.

Matt Rhoades, director of the cyberspace and security program at Truman and the designer of the experiment, described it as an acid test to reveal the effectiveness of the White House’s recent Cybersecurity Framework, released in February. The framework is a set of practices and guidelines for utility companies, software designers and cybersecurity players to protect the nation’s critical infrastructure from attack.


 # # #

I-Team: ‘Heartbleed’ a confusing security threat

[Jason isn’t related to me, and fair warning, I know this story is bad, but it’s one of those news articles I had to share on how not to report on a technology story. — WK]

  • By Jason Knowles
  • @KnowlesABC7
  • May 04, 2014


April 29, 2014 (WLS) — The ABC7 I-Team is learning more about “heartbleed” and how you can be a victim without even knowing it.

The popular software used to protect your personal information has been compromised, but that threat is confusing some people.

This is not something you should blow off.

Technology experts say that “heartbleed” is widespread and hit 66 percent of all websites over the past two years.

So the I-Team wanted to know what people are doing to stop the bleeding.

Heartbleed. The term comes from the communication between two so-called “hearts” on a server which verify your security as you shop, check e-mails and bank statements. There is now a backdoor break-in between those hearts, and it’s bleeding.

“This is a very big vulnerability,” said John Miller, Trustwave.


 # # #

Updated: May 8, 2014 — 7:56 pm

The Author

Rich Fleetwood

Rich is the founder of SurvivalRing, now in its 24th year, author of multimedia CDs and DVDs, loves the outdoors, his family, his geeky skill-set, and lives in rural southern Wyoming, just below the continental divide (long story, that...). Always ready to help others, he shares what he learns on multiple blogs, many social sites, and more. With a background in preparedness and survival skills, training with county, state, and national organizations, and skills in all areas of media and on air experience in live radio and television, Rich is always thinking about the "big picture", when it comes to helping individuals and families prepare for life's little surprises.